Elastic offers a Cloud based solution which would allow a very modest lightweight SIEM to be implemented for around $0.05 AUD/hour (60GB of Index Storage), but this does not include…
Threat hunting with Elasticsearch and Kibana (Part 1)
As part of my final Masters degree research component I have been collecting data from honeypots which I have seeded around the globe. The objective being to distil this data…
Loading Windows Event Logs to Elasticsearch
So whilst playing through an element of Kringlecon 2019 I came across a task which didn't really suit my Christmas challenge of going to Linux full-time. One such challenge involved…